#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
        log /dev/log    local0
        log /dev/log    local1 notice
        daemon


#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
        mode                    http
        log                     global
        option                  httplog
        option                  dontlognull
        option http-server-close
        option forwardfor       except 127.0.0.0/8
        option                  redispatch
        retries                 1
        timeout http-request    10s
        timeout queue           20s
        timeout connect         5s
        timeout client          20s
        timeout server          20s
        timeout http-keep-alive 10s
        timeout check           10s


#---------------------------------------------------------------------
# apiserver frontend which proxys to the control plane nodes
#---------------------------------------------------------------------
frontend apiserver
    bind *:8443
    mode tcp
    option tcplog
    default_backend apiserver

#---------------------------------------------------------------------
# round robin balancing for apiserver
#---------------------------------------------------------------------
backend apiserver
    option httpchk GET /healthz
    http-check expect status 200
    mode tcp
    option ssl-hello-chk
    balance     roundrobin
        server apiserver1 {{ hostvars['k8s-master1'].ansible_ssh_host }}:6443 check
        server apiserver2 {{ hostvars['k8s-master2'].ansible_ssh_host }}:6443 check
        server apiserver3 {{ hostvars['k8s-master3'].ansible_ssh_host }}:6443 check
